diff --git a/.github/workflows/kyber.yml b/.github/workflows/kyber.yml
new file mode 100644
index 000000000..b2b02367b
--- /dev/null
+++ b/.github/workflows/kyber.yml
@@ -0,0 +1,101 @@
+name: Kyber Tests
+
+on:
+  push:
+    branches: [ '*' ]
+  pull_request:
+    branches: [ '*' ]
+
+env:
+  LIBOQS_REF: 0.10.0
+  WOLFSSL_REF: v5.7.0-stable
+
+jobs:
+  build_liboqs:
+    name: Build liboqs
+    runs-on: ubuntu-latest
+    timeout-minutes: 4
+    steps:
+      - name: Checking cache for liboqs
+        uses: actions/cache@v4
+        id: cache-liboqs
+        with:
+          path: opt/liboqs/
+          key: wolfssh-kyber-liboqs-${{ env.LIBOQS_REF }}-${{ runner.os }}
+          lookup-only: true
+
+      - name: Checkout liboqs
+        if: steps.cache-liboqs.outputs.cache-hit != 'true'
+        uses: actions/checkout@v4
+        with:
+          repository: open-quantum-safe/liboqs
+          ref: ${{ env.LIBOQS_REF }}
+          path: liboqs
+
+      - name: Build and install liboqs
+        if: steps.cache-liboqs.outputs.cache-hit != 'true'
+        working-directory: liboqs
+        run: |
+          mkdir build
+          cd build
+          cmake -DCMAKE_INSTALL_PREFIX=${{ github.workspace }}/opt/liboqs -DOQS_MINIMAL_BUILD=KEM_kyber_512 -DOQS_USE_OPENSSL=0 ..
+          make
+          make install
+
+  build_wolfssl:
+    name: Build wolfssl
+    runs-on: ubuntu-latest
+    timeout-minutes: 4
+    steps:
+      - name: Checking cache for wolfssl
+        uses: actions/cache@v4
+        id: cache-wolfssl
+        with:
+          path: opt/wolfssl/
+          key: wolfssh-kyber-wolfssl-${{ env.WOLFSSL_REF }}-${{ runner.os }}
+          lookup-only: true
+
+      - name: Checkout, build, and install wolfssl
+        if: steps.cache-wolfssl.outputs.cache-hit != 'true'
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          repository: wolfssl/wolfssl
+          ref: ${{ env.WOLFSSL_REF }}
+          path: wolfssl
+          configure: --enable-wolfssh --enable-cryptonly --disable-examples --disable-crypttests
+          check: false
+          install: true
+
+      - shell: bash
+        if: steps.cache-wolfssl.outputs.cache-hit != 'true'
+        run: |
+          mkdir -p opt
+          mv build-dir opt/wolfssl
+
+  build_wolfssh:
+    name: Build wolfssh
+    runs-on: ubuntu-latest
+    timeout-minutes: 4
+    needs: [build_wolfssl, build_liboqs]
+    steps:
+      - name: Checking cache for liboqs
+        uses: actions/cache@v4
+        with:
+          path: opt/liboqs/
+          key: wolfssh-kyber-liboqs-${{ env.LIBOQS_REF }}-${{ runner.os }}
+          fail-on-cache-miss: true
+
+      - name: Checking cache for wolfssl
+        uses: actions/cache@v4
+        with:
+          path: opt/wolfssl/
+          key: wolfssh-kyber-wolfssl-${{ env.WOLFSSL_REF }}-${{ runner.os }}
+          fail-on-cache-miss: true
+
+      - name: Checkout, build, and test wolfssh
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          repository: wolfssl/wolfssh
+          path: wolfssh
+          configure: --with-liboqs LDFLAGS="-L${{ github.workspace }}/opt/liboqs/lib -L${{ github.workspace }}/opt/wolfssl/lib" CPPFLAGS="-I${{ github.workspace }}/opt/liboqs/include -I${{ github.workspace }}/opt/wolfssl/include"
+          check: true